Step #1: Create a Provisioning Token and Capture the Connection URL for PingOne in LastPass

To begin the setup process for LastPass using PingOne, capture both the Connection URL and Provisioning Token from the LastPass Admin Console.

Before you begin: It is required that you enable the "Permit super admins to reset master passwords" policy for at least one LastPass admin (who is also a non-federated admin, if you are setting up federated login) in the LastPass Admin Console. This ensures that all LastPass user accounts can still be recovered (via master password reset) if a critical setting is misconfigured or changed after the setup is complete.

Tip: Open a text editor application so that you can save the values that will be used to connect LastPass and PingOne.

About this task: The steps below are performed in the LastPass Admin Console.

Log in and access the Admin Console at https://admin.lastpass.com/.
Go to Users > Directories.
Select the PingOne tab.
Copy the URL and paste it into your text editor.

Remember: You will be using this value in later steps.
Click Create Provisioning Token to generate it, then immediately copy the Token and paste it into your text editor.

Remember: You will be using this value in later steps.

Warning: Please note that if you have already established a token in PingOne, then selecting Reset Provisioning Token will invalidate the previous token, and will require you to update PingOne with the new token.

Troubleshooting: If you navigate away from the PingOne tab before the Provisioning Token has been copied, you will need to generate a new one by selecting Reset Provisioning Token.

Results: You have captured both the Connection URL and Provisioning Token from the LastPass Admin Console.

Parent article: Set Up Federated Login for LastPass using PingOne

Next article: Step #2: Configure the Provisioning App for LastPass in PingOne